Free Malware Removal Forum


I forgot to mention also that my monitor is having difficulty turning on, or resetting back on after it turns off for sitting idle. I'm having to turn off the monitor switch on my surge protector, turn it back on and then my monitor will turn back on when I hit the monitor switch.

Sorry, one more thing. Last few weeks, every so often, I have received a prompt by my computer advising I was having a virtual memory issue, and it was increasing the virtual memory at that moment. I assumed that this was a part of the RAM memory you advised I needed to increase, which I will do as soon as I can, but maybe this is a different issue. Therefore, I am mentioning it.

Also, if increasing the RAM is a critical issue on my computer right now that really cannot wait two to three weeks, maybe I will just add another 256 MB to make a 1/2 GB on my computer. That will only cost me $15 and I am really low on funds at the moment and would prefer to wait unless this is a critical issue.

I forgot to mention also that my monitor is having difficulty turning on, or resetting back on after it turns off for sitting idle. I'm having to turn off the monitor switch on my surge protector, turn it back on and then my monitor will turn back on when I hit the monitor switch.

Hmmm, a strange one that, but it actually sounds to me as if the actual monitor is at fault rather than malware. It could very well be failing. There is a specific test we can try to check if your monitor is faulty. I will advise about this once satisfied your computer is malware free.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

Return to OTM, right-click in the "Paste instructions for items to be moved" window (under the yellow bar) and choose Paste

Then click the red MoveIt! button.

Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of it and pressing CTRL + C (or, after highlighting, right-click and choose Copy), and paste it into your next response.

If OTM asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.

Close OTM.

Malwarebytes Anti-Malware:

Please note v1.41 has been recently released. If not updated, part of the update process below will download and install the new version.

Launch the application, Check for Updates >> Perform a Quick Scan

When the scan is complete, click OK, then Show Results to view the results.

Be sure that everything is checked, and click Remove Selected.

When completed, a log will open in Notepad. Please copy and paste the log into your next reply.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

For the most part, computer is running very well. I have made several attempts to access the Kaspersky scan but they have been having a problem with their website. I even rebooted to make sure the problem was not stemming from my end, but it is stemming from their website and a lot of time has passed and the problem still exists. IE now shuts down every time I attempt to access that scan page. I did not try under Mozilla Firefox because you were specific about using IE. Alternatively, I ran a deep scan under my new anti-virus program ESET NOD32 AV4 and no threats were found but some files they suspected may be damaged. I will not post that complete log because it is 13 traditional pages long and no threats were found. However, in this post, I will copy the two files they flagged as possibly being damaged and it could not open. If I am able to access Kaspersky before I retire, I will run it.

Okay, first log - OTM:

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services\\AVP deleted successfully.
========== FILES ==========
C:\setupdlx\disk9 moved successfully.
C:\setupdlx\disk8 moved successfully.
C:\setupdlx\disk7 moved successfully.
C:\setupdlx\disk6 moved successfully.
C:\setupdlx\disk5 moved successfully.
C:\setupdlx\disk4 moved successfully.
C:\setupdlx\disk30 moved successfully.
C:\setupdlx\disk3 moved successfully.
C:\setupdlx\disk29 moved successfully.
C:\setupdlx\disk28 moved successfully.
C:\setupdlx\disk27 moved successfully.
C:\setupdlx\disk26 moved successfully.
C:\setupdlx\disk25 moved successfully.
C:\setupdlx\disk24 moved successfully.
C:\setupdlx\disk23 moved successfully.
C:\setupdlx\disk22 moved successfully.
C:\setupdlx\disk21 moved successfully.
C:\setupdlx\disk20 moved successfully.
C:\setupdlx\disk2 moved successfully.
C:\setupdlx\disk19 moved successfully.
C:\setupdlx\disk18 moved successfully.
C:\setupdlx\disk17 moved successfully.
C:\setupdlx\disk16 moved successfully.
C:\setupdlx\disk15 moved successfully.
C:\setupdlx\disk14 moved successfully.
C:\setupdlx\disk13 moved successfully.
C:\setupdlx\disk12 moved successfully.
C:\setupdlx\disk11 moved successfully.
C:\setupdlx\disk10 moved successfully.
C:\setupdlx\Disk1 moved successfully.
C:\setupdlx\Custom\Program\Inet\Common\Pnf\Quicken moved successfully.
C:\setupdlx\Custom\Program\Inet\Common\Pnf moved successfully.
C:\setupdlx\Custom\Program\Inet\Common moved successfully.
C:\setupdlx\Custom\Program\Inet moved successfully.
C:\setupdlx\Custom\Program moved successfully.
C:\setupdlx\Custom moved successfully.
C:\setupdlx moved successfully.
File/Folder c:\program files\PC-Doctor for Windows XP not found.
c:\documents and settings\All Users\Application Data\BitDefender\Desktop\Events moved successfully.
c:\documents and settings\All Users\Application Data\BitDefender\Desktop moved successfully.
c:\documents and settings\All Users\Application Data\BitDefender moved successfully.
c:\program files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_14291\Plugins moved successfully.
c:\program files\Common Files\BitDefender\BitDefender Threat Scanner\av32bit_14291 moved successfully.
c:\program files\Common Files\BitDefender\BitDefender Threat Scanner moved successfully.
c:\program files\Common Files\BitDefender moved successfully.
c:\documents and settings\All Users\Application Data\SafeNet Sentinel\Sentinel RMS Development Kit\System moved successfully.
c:\documents and settings\All Users\Application Data\SafeNet Sentinel\Sentinel RMS Development Kit moved successfully.
c:\documents and settings\All Users\Application Data\SafeNet Sentinel moved successfully.
File/Folder C:\Program Files\DNA not found.
C:\Program Files\uTorrent moved successfully.
========== COMMANDS ==========

I am now realizing my video players are not working. I have recently had problems with both Windows Media Player and Inter Actual player, off and on, but it appears the problem has been elevated. It immediately informs me that it has encountered a problem and I can't access or watch my video, and it kicks me out.

Also, I had been trying previously to get rid of InterVideo WinDVD. When I could not, I went ahead and updated it, but it will not open, respond or anything. It is dead.

Some of the software related issues could very well be a result of using registry cleaners. Not a lot can be done I'm afraid apart from uninstalling and then redownloading/installing.

Overall you may have to consider a reformat and reinstallation of the Windows operating system. Though you may be able to repair the actual Operating System but afterwards you would need to reinstall all Drivers and Service Packs etc.

We may be able to try a System File Check but more than likely will need files from SP3. A way around this, though, is as follows.

On the XP SP3 Recovery disc, I do not have a CD. Windows came pre-installed on my system. BTW - My computer crashed and was no longer functional and I did a system reconstruct in August 2008. Apparently, there was a hot key on the keyboard that allowed me to do this. It took days to upload updates as it was restored to original specifications and all personal data was lost; and I only now got my drivers updated. I hope you are not referring to repeating that long process.

I only recently did registry cleanups through CCleaner, but I kept backups. I would suppose that if this is a registry cleanup issue, that it will be found in the original backup that was taken about a week or two ago. Should I restore that backup?

On the XP SP3 Recovery disc, I do not have a CD. Windows came pre-installed on my system. BTW - My computer crashed and was no longer functional and I did a system reconstruct in August 2008. Apparently, there was a hot key on the keyboard that allowed me to do this. It took days to upload updates as it was restored to original specifications and all personal data was lost; and I only now got my drivers updated.

OK, fair play, that explains the extra partition on your hard drive. That will be what is known as a recovery partition, which is used in lieu of an actual installation CD-ROM by some computer manufacturers.

I hope you are not referring to repeating that long process.

Hopefully not. Please bear in mind you asked/posted here in Malware Removal for assistance with both malware and system related problems, which in turn is provided free of charge on a volunteer basis. I am not the cause of your computer issues. At any time you prefer not to heed my advice feel free to take your computer to an IT Repair Center in your locality.

I only recently did registry cleanups through CCleaner, but I kept backups. I would suppose that if this is a registry cleanup issue, that it will be found in the original backup that was taken about a week or two ago. Should I restore that backup?

No, do not attempt to use the backups, as the actual chance of them being able to restore the system to as it was before the Scan for Issues component was used is quite slim and could very well create more problems system wise.

Please run the BitDefender online scan and post the results when completed, thank you.

I was surprised by your last response as you appear to be very defensive. I don't recall anything I have written that suggests I was blaming you for my computer problems, not trusting you, or not demonstrating gratitude, which I believe I have done several times. If it bothers you that I would be dismayed at having to repeat that dreadful process of wiping my system out and reconstructing it, I can't help your reaction to my reaction to my problem. You have asked me repeatedly to keep you abreast of any issues, concerns or problems as we go along with the process. I do not know what is attributable to malware and what is not. I can only share my experience with my system as we go along, as per your request. I would ask that you do not then lecture me as though I am doing something wrong by you. I have expressed my gratitude for your time and am grateful.

As to your caveat, I have taken that into consideration and I agree. I would want and would seek out a second opinion at another forum before taking a drastic measure as system reconstruction. I have put an extreme amount of time on working on resolving all issues on this system in the past 3 weeks and have a great deal of other obligations I need to tend to before I consider putting the amount of time I had to put in a year ago. This is not to say I am blaming you for my problem and I don't know why you suggested that. Surely you are used to people being distressed by this type of situation. But thank you for your caveat nonetheless.

Okay, I uninstalled Interactual Player and reinstalled it, and then it worked. Then I uninstalled the recently upgraded Windows Media Player 11 (from version 9), and then reinstalled it. Still Windows Media Player did not work, but then the InterActual also did not work again. It might have something to do with the Windows Media Upgrade to 11 (codecs involved).

Also the time prior I had used both media players, it had given me a display driver error code. This is what prompted me to get Driver Detective to check for driver updates, which was important because I never realized the last time I reconstructed the computer that I needed to reinstall and/or update the drivers, and this proved helpful in other areas. I am a full time online student and the media player use is important/necessary and not just an option.

You conveyed concern about having run the RSIT and then utilizing restore. Does this include System Restore? If so, I need to clear them out. If not, maybe we can restore the system from before you ran RSIT, so that I can restore the registry that was taken about 1 to 2 weeks ago. I think it is possible that my display driver error code occurred after I did my initial registry cleanup.

Okay. I uninstalled RealPlayer and Interactual Player. I installed VLS and XP Codec (Media Player Classic). I am able to watch videos on VLS and Media Player Classic though it is not smooth (a little choppy). The Codec Detective advised I was missing (or was not installed correctly) LEAD MCMP-MJPEG codec. I tried downloading it, but then they wanted money, so I removed that download. It then removed other versions of the Lead that actually was working. I've tried system restore but it appears my computer is confused. It is okay now but I don't want to run anymore system restores. I am burnt out and feel maybe I do need to just wipe this out and start over instead of us wasting anymore time on this.

It has only been a year and I can upload my important docs and PDFs to my school and hotmail accounts. The only thing would be my music. Other than this, I don't have much that I can't simply put back in. I keep my licenses in my hotmail account.

I don't have registration keys and am unsure how I got this system reconstructed last time. Actually, I was getting ready to place it in the dumpster and I crossed paths with a homeless family whom the mother knew or heard of a hot key command to reconstruct the XP system. She said she would try it, and then was in and out in about 30 minutes and I was left to do the uploading of windows updates. So, I know it can be done and my system was fried, but I don't know how it was done without a registration key. But then again, this came preinstalled.

I don't want to waste any more unnecessary time on this as I have heavy coursework load and my academics are suffering now because of the time I have been putting to work on this computer and sitting by waiting for scans and downloads to run, etc., trying to find the right updates, etc. If we are going to start over, I want to put the time into that and get it behind me as quickly as possible so I can reshift my focus on where it needs to be.

Read all you have posted, a system reset to as was (using the in-built recovery partition) may indeed be required, but since both myself and this forum primarily only provide Anti-Malware support I suggest before you consider this you seek specific assistance with IT/Software Tech Support.

If you wish to seek assistance with a view to the aforementioned, the best advice I can give is to create an account at one of the following forums and post in the appropriate section.

I am a member of both of the below myself and they have outstanding IT Tech Support Staff:

Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.

Importance of Regular System Maintenance:

I advise you read both of the below listed topics as this will go a long way to keeping your Computer performing well. Plus bear in mind my prior advice about upgrading the presently installed RAM (Random Access Memory).

Close all other programs apart from OTM as this step will require a reboot

On the OTM main screen, press the CleanUp! button

Say Yes to the prompt and then allow the program to reboot your computer.

The above process should clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Now some advice for on-line safety:

Malwarebyte's Anti-Malware:

This is an excellent application and I advise you keep this installed. Check for updates and run a scan once a week.

Other installed security software:

Your presently installed security application, ESET NOD32 Antivirus, automatically checks for updates and downloads/installs them with every system reboot and/or periodically if the machine is left running, providing an internet connection is active.

I advise you also run a complete scan with this also once per week.

Erunt:

Emergency Recovery Utility NT, I advise you keep this installed as a means to keep a complete backup of your registry and restore it when needed.

Myself I would actually create a new back up once per week as this along with System Restore may prove to be invaluable if something unforeseen occurs!

Once installed it will advise you to set Auto-Updates if not set, and then you will be able to manually check for updates also via:

Start >> All Programs >> Microsoft Updates

Be careful when opening attachments and downloading files:

Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.

Never open emails from unknown senders.

Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.

Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Stop malicious scripts:

Windows by default allows scripts (VBScript and JavaScript) to run, and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Make your Internet Explorer safer:

From within Internet Explorer click on the Tools menu and then click on Options.

Click once on the Security tab

Click once on the Internet icon so it becomes highlighted.

Click once on the Custom Level button.

Change the Download signed ActiveX controls to Prompt

Change the Download unsigned ActiveX controls to Disable

Change the Initialise and script ActiveX controls not marked as safe to Disable

Change the Installation of desktop items to Prompt

Change the Launching programs and files in an IFRAME to Prompt

Change the Navigate sub-frames across different domains to Prompt

When all these settings have been made, click on the OK button.

If it prompts you as to whether or not you want to save the settings, press the Yes button.

Next press the Apply button and then the OK to exit the Internet Properties page.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly free software, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice: avoid these types of software applications.

Hosts File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.
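An added example for the Hosts File advice above (not part of the original post, and not any forum tool's code): a small auditor that confirms a blocking Hosts file only sends names to the local machine and reports any name pointed at a remote address. The function name `audit_hosts`, the sample file, and the choice to count 0.0.0.0 as a sinkhole alongside 127.0.0.1 are assumptions made for this illustration.

```python
import ipaddress

# Constructed sample of a blocking Hosts file (not taken from the thread).
SAMPLE_HOSTS = """\
# blocking hosts file (constructed sample)
127.0.0.1   localhost
127.0.0.1   ads.example.com  tracker.example.net   # two names on one line
0.0.0.0     spyware.example.org
::1         localhost
203.0.113.7 www.bank.example      # name sent to a remote host, not a sinkhole
not-an-ip   broken.example.com
"""


def audit_hosts(text):
    """Classify every entry of a Hosts file.

    blocked    - names sinkholed to loopback (127.0.0.0/8, ::1) or 0.0.0.0
    redirected - (line, name, address) for names mapped to any other address;
                 a blocking Hosts file should contain none of these
    malformed  - (line, text) for lines that are not 'address name [name...]'
    """
    blocked, redirected, malformed = [], [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        # Everything after '#' is a comment; blank lines are ignored.
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append((lineno, raw.strip()))
            continue
        if len(fields) < 2:
            # An address with no hostname does nothing; report it.
            malformed.append((lineno, raw.strip()))
            continue
        is_sinkhole = addr.is_loopback or addr.is_unspecified
        for name in fields[1:]:
            name = name.lower()
            if is_sinkhole:
                # 'localhost' is the normal default entry, not a blocked site.
                if name != "localhost":
                    blocked.append(name)
            else:
                redirected.append((lineno, name, str(addr)))
    return {"blocked": blocked, "redirected": redirected, "malformed": malformed}


if __name__ == "__main__":
    report = audit_hosts(SAMPLE_HOSTS)
    print("blocked names:", len(report["blocked"]))
    for lineno, name, addr in report["redirected"]:
        print(f"line {lineno}: {name} -> {addr} (review this entry)")
    for lineno, text in report["malformed"]:
        print(f"line {lineno}: cannot parse: {text}")
```

On Windows XP the live file is `%SystemRoot%\system32\drivers\etc\hosts`; read it and pass its text to `audit_hosts` after installing or updating a blocking Hosts file.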

This is very valuable information. I actually found a couple of very reasonably priced techs this morning who will wipe out the system and reinstall it, drivers, windows SP2. One claims he will accomplish it all in one day, and the other within 3 days. I am too burnt out and need to switch my attention to things that are actually just as or more important than salvaging this computer, so I will pay their reasonable price and gain time and peace of mind. However, the information you provided in your last post will be very helpful to me as I start anew, the right way this time.

And the first thing I will make sure is done is to get rid of Wild Tangent (and BitTorrent?) that came installed on this machine! lol And yes, I will increase the RAM.

I very much appreciated your help. I learned a lot through this process. You were very thorough.

I actually found a couple of very reasonably priced techs this morning who will wipe out the system and reinstall it, drivers, windows SP2. One claims he will accomplish it all in one day, and the other within 3 days.

OK, be wary here, they may just carry out a system reset, or if they actually wipe the drive make sure they do provide a genuine XP CD-ROM afterwards, otherwise you will be left with no means of ever reinstalling the operating system again as the recovery partition that holds the system reset will no longer be present.

And the first thing I will make sure is done is to get rid of Wild Tangent (and BitTorrent?) that came installed on this machine! lol

Aye, as far as I am able to ascertain they are indeed gone. Be aware though the Wild Tangent application, if the system reset is used, will be back on the system again. It is not actually malware per se but does have some undesirable characteristics.

I very much appreciated your help. I learned a lot through this process. You were very thorough.
